It is nowadays commonplace for computer users to download applications or other executable programs from the Internet or other networks or sources with the intent of installing and running them in their computers. Although many such downloads come from trusted sources, executable programs originating from the Internet—or other sources where no significant security mechanism operates—can raise serious security concerns. In particularly malicious attacks, programs can be automatically downloaded and launched without the user's consent or knowledge, by simply visiting a website or clicking on a link embedded in an email, instant message or other electronic document. Once downloaded, a malicious program can associate itself with certain file types and wait until it is selected to process those files. When executed, the malicious program can cause considerable and permanent damage by deleting user files, stealing sensitive information, overwhelming operation of the CPU, spreading viruses, launching timed attacks on specific websites, etc. Clearly, a need exists to protect the vulnerability of users to such grave security breaches. Such considerations, however, must be tempered with a need to neither overly restrict users nor overburden them with warnings to the point of causing user fatigue. The present invention provides a solution that addresses both requirements.